bostitch.eu
HTML metadata
Technology
- Server
- Apache
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- ajax.googleapis.com×1
- cdn.cookielaw.org×1
DNS records live
- NS
-
- a1-56.akam.net
- a10-64.akam.net
- a11-66.akam.net
- a28-64.akam.net
- a3-65.akam.net
- a4-67.akam.net
Email authentication no MX
- SPF
-
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;policy: quarantine - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 58 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: bostitch.eu *.bostitch.eu bostitch.eu www.bostitch.eu v3.vid.bostitch.eu v3.vid.bostitch3.eu v3.img.bostitch.eu v3.img.bostitch3.eu v3.pdf.bostitch.eu v3.pdf.bostitch3.eu v3.js.bostitch.eu v3.js.bostitch3.eu v3.css.bostitch.eu v3.css.bostitch3.eu cdn.cookielaw.org *.google.com *.googleapis.com *.googletagmanager.com *.bootstrapcdn.com *.onetrust.com *.gstatic.com *.google-analytics.com googtagmanager.com *.googtagmanager.com wss://*.google-analytics.com *.zdassets.com *.zopim.com support-bostitch.zendesk.com *.my.sentry.io wss://*.zopim.com *.youtube.com *.amazonaws.com code.jquery.com holastanley.zendesk.com wss://holastanley.zendesk.com; img-src * data:; font-src * blob: data: 'unsafe-inline'; report-uri https://cowntbq6e6naoiyjqjke3a777a0hbjfs.lambda-url.eu-west-1.on.aws/;- strict-transport-security
max-age=31536000; includeSubDomains